Code signing is a proven security practice to protect and extend trust based use of software systems and applications.

Companies publishing and consuming software need a secure code signing mechanism to protect code integrity and provide a safe and secure experience for internal and external customers. An unsecured, disconnected, and non-automated process can result in data, access, legal, business, and reputational risks.

Ensuring a secure code signing process requires validating the signing process so that the right code is signed with the right key by the right user, managing the signing keys securely, having easy certificate management and providing an audit trail of all every signing activity.

Often, code signing process is manual in nature and it becomes difficult for developers to manually sign thousands of files per day. Moreover, security of the cryptographic keys and custom integrations with various HSMs poses a difficulty for many security teams.

Aujas Code Sign

Aujas code sign is a secure, centralized, automated, and DevOps ready platform that ensures the integrity of software applications, protects the signing keys using cloud HSMs, provides automated audit trails, and combat malware.

Aujas Code Sign Platform Features:

  1. Unified and Centralized
    • Automated code signing platform that consolidates the process at the organization level; establishes a unified way of signing.
    • Tightly integrated with the build process to ensure the code signing process is leak free.
    • Supports cross-platform, multiple certificates (standard, EV and self-signed certificates).
  2. Secure
    • Enterprise-grade malware scanner to inspect files for malware.
    • Cloud HSM for secure storage of signing keys, keeping the keys away from unauthorized reach for better security, and establish trust.
    • Cloud-based solution in line with country specific data protection act.
    • Role-based approval to provide complete control over each code signing activity.
    • Automated audit trails to enable transparent processes.
  3. Development Friendly
    • Easy CLI integration with options to submit file signing parallelly.
    • Seamless integration with existing DevOps pipeline.
    • Eliminate code signing burden from the development team.
    • Complete inventory of all code signing certificates used across enterprise.
  4. Easy to Buy
    • SaaS-based offering deployable on private AWS instance.
    • Pay as use, Flexible, Volume-based pricing model.

Success Story

The world's seventh-largest pure-play enterprise software company building a range of software from mainframes to mobile applications needed a robust solution to streamline it's code signing process securely. The company was doing more than 12 million signings in a year. They felt the need to make the code signing process seamlessly easy to use for multiple DevOps team without compromising on security.

By adopting Aujas Code Signing (ACS) platform, they experienced easier CLI integration and the option to submit file signing parallelly. Aujas' solution, which leveraged the microservice-based architecture, was easily extendable and scalable based on the demand.

ACS integrated cloud HSM to secure the keys used for code signing and supported fully automated monitoring & alerting of cloud infrastructure. As a result, the code signing process for the company became far more efficient and secure.

Interested to learn more about the code signing process? Read the Blog